Komento Joomla! component Persistent XSS

CVE Reference: CVE-2015-7324 Komento is a Joomla! comment extension for articles and blogs in K2, EasyBlog, ZOO, Flexicontent, VirtueMart and redShop. @http://stackideas.com/komento I found out that was possible to launch a Persistent XSS attack when adding a new comment using the WYSIWYG website and image buttons. This issue was critical in both environments – frontend… Continue reading Komento Joomla! component Persistent XSS